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Response to Amendment 

This Office Action is in response to a communication made on September 27, 

2006. 

Claims 1 and 14 have been amended. 

Claims 1-6 have been cancelled. 

Claims 7-14 are pending in this application. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 7 and 10-14 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Feigen (5699513) in view of Coile (6473406). 

Regarding claim 7, Feigen teaches a method for allowing a client application to 
establish, in a client network, a first connection having a first security level with a first 
port of a server application hosted in a server machine linked to a server network, in 
order to send messages addressed to the server machine, said messages passing from 
the client network to the server network through a network layer of a gateway machine 
(Figure 3, security server is the gateway), comprising: 

creating a second port in the gateway machine; 
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ordering the network layer of the gateway machine to reroute to the second port 
any message sent to the first port, addressed to the server machine (Column 4, lines 4 
-11); 

listening to the second port to detect a request to establish said first connection 
(Column 4, lines 12-19) and; 

generating, in the gateway machine, a thread for establishing said first 
connection when a request to establish said first connection is detected in the second 
port (Column 4, lines 22 - 31 ). 

Feigen does not explicitly indicate that any addressed message to the first port is 
received at the second port, and creating based on the message a connection with the 
first port of the server application. 

Coile teaches a system of providing transparent message security and filtering 
which includes any addressed message to the first port is received at the second port, 
and creating based on the message a connection with the first port of the server 
application (Column 8, lines 49 - 67). 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to use Coile's teaching of transparency in Feigen so that the client 
never has to act according to any packet filtering and separate security issues, and only 
operate as if using the first server. 

Regarding claims 10 and 11, Feigen teaches a method according to claims 7 
and 8, characterized in that the steps of creating and ordering are executed 
automatically by a first process of the gateway machine and in that said first process 
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generates a second process that executes the third and the fourth step (Column 4, lines 
12-31). 

Regarding claims 12 and 13, Feigen teaches a method according to claims 10 
and 1 1 , further comprising automatically executing the steps of creating, rerouting and 
deleting by a first process of the gateway machine and generating by said first process 
a second process that executes the steps of listening and generating a thread (Column 
4, lines 12-31). 

Regarding claim 14, Feigen teaches a method for allowing a client application to 
establish in a client network a first connection having a first security level, directly with a 
first port of a server application hosted in a server machine linked to a server network, in 
order to send messages addressed to the server machine, said messages passing from 
the client network to the server network through a network layer of a gateway machine 
(Figure 3, security server is the gateway), characterized in that it consists of activating, 
in the gateway machine, a secure application proxy that reroutes the messages from 
the first connection, in a way that is transparent for the client application (Column 4, 
lines 4 - 1 1), in order to establish a second connection having a second security level 
with the server application, said second connection being unknown to said client 
application (Column 4, lines 22 - 31 ). 

Feigen does not explicitly indicate that any addressed message to the first port is 
received at the second port, and creating based on the message a connection with the 
first port of the server application. 
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Coile teaches a system of providing transparent message security and filtering 
which includes any addressed message to the first port is received at the second port, 
and creating based on the message a connection with the first port of the server 
application (Column 8, lines 49 - 67). 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to use Coile's teaching of transparency in Feigen so that the client 
never has to act according to any packet filtering and separate security issues, and only 
operate as if using the first server. 

Claims 8 and 9 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Feigen in view of in view of Coile (6473406), and in further view of Winiger 
(5845068). 

Regarding claim 8, Feigen teaches a method according to claim 1. 

Feigen does not explicitly indicate defining a third port of the server application 
for receiving at least one of the messages with a second security level; and whereas 
said thread comprises: 

establishing said first connection in a first phase with a first security level in a first 
interface associated with the second port and with said request; 

establishing in a second phase a second connection with a second level of 
security in a second interface to the third port in the server machine; 

writing with the second security level in the second interface any message read 
in the first interface with the first security level in a third phase, and; 
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writing with the first security level in the first interface any message read in the second 
interlace with the second security level in a fourth phase. 

Winiger teaches a method according to claim 7, further comprising: 

defining a third port of the server application for receiving at least one of the 
messages with a second security level (Column 4, line 67 - Column 5, line 4); and 
whereas said thread comprises: 

establishing said first connection in a first phase with a first security level in a first 
interface associated with the second port and with said request; 

establishing in a second phase a second connection with a second level of 
security in a second interface to the third port in the server machine (Column 4, line 67 
- Column 5, line 6, where the system allows a new connection to open and request a 
socket of the server application, if the socket is open it allows a new connection to be 
made at a specified security level, which can be different then a previously opened 
socket or port which is operating at a completely separate security layer or label); 

writing with the second security level in the second interface any message read 
in the first interface with the first security level in a third phase, and; 
writing with the first security level in the first interface any message read in the second 
interlace with the second security level in a fourth phase (Column 5, lines 10-14; 
Column 4, lines 44 - 51 where when the system opens a socket at a certain security 
level it responses with the response that contains the identification of the security level 
in the response header). 
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It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to use Winiger's teaching of multiple security classification levels in 
Feigen's system in order to allow a certain resources to be accessed by only certain 
clearance levels, which increases security and flexibility. 

Regarding claim 9, Feigen teaches a method according to claim 8. 

Feigen does not explicitly indicate ordering the network layer of the gateway 
machine to delete any message sent to the third port 

Winiger teaches ordering the network layer of the gateway machine to delete any 
message sent to the third port (Column 6, lines 6 - 9). 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to use Winiger's teaching of multiple security classification levels in 
Feigen's system in order to allow a certain resources to be accessed by only certain 
clearance levels, which increases security and blocks invalid attempts at resources 
which clearance has not been granted. 

Response to Arguments 

Applicant's arguments with respect to claims 7-14 have been considered but are 
moot in view of the new ground(s) of rejection. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Kevin Bates whose telephone number is (571) 272- 
3980. The examiner can normally be reached on 8 am - 4:30 pm. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Saleh Najjar can be reached on (571 ) 272-4006. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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